Abstract: In this talk I’ll present the Frontal attack, a new timing side-channel attack on Intel CPU processors. Our attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe that in modern Intel CPUs, some instructions’ execution times will depend on which operations
Abstract: The goal of secure multi-party computation (MPC) is to allow a set of parties to perform an arbitrary computation task, where the security guarantees depend on the set of parties that are corrupted. The more parties are corrupted, the less is guaranteed, and typically the guarantees are completely lost when the number of corrupted
Abstract: With the growing processing power of computing systems and the increased availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, inspiring many learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning
Abstract: Widely used cryptographic protocols like TLS 1.3 (Transport Layer Security) have seen increased adoption recently on the basis of their claims of provable security. These claims refer to the results of rigorous academic proofs in a formal key-exchange model; however, the actual claims and guarantees rarely reach developers or implementors of TLS, let alone
Abstract: TEMPEST attacks are a well-known threat that consists of spying on an electronic device through its unintended physical emissions. Physical emissions are also used by side-channel attacks to break cryptographic implementations. However, while TEMPEST attacks have been demonstrated at large distances (e.g., several meters), side-channel attacks generally work only in the proximity of the target
Abstract: This presentation covers the “FragAttacks” research. This research includes three new design flaws in the 802.11 standard that underpins Wi-Fi. One design flaw is in the frame aggregation functionality, and another two are in the frame fragmentation functionality. These design flaws enable an adversary to forge encrypted frames in various ways, which in turn
Abstract: The talk will cover: – What makes customers trust digital services – How do you engage communities into building strong security – Are vulnerabilities the end of a company’s reputation Join the Zoom meeting at 12:30 on Thursday, May 27th: https://ethz.zoom.us/j/65841148696
Abstract: Quantum computers are expected to provide efficient solutions to problems that are conjectured to be intractable for classical computers (such as the simulation of quantum physical system). This raises the following question: can a classical computer efficiently verify the results of a quantum computation? In 2018, Urmila Mahadev answered this question in the affirmative
Abstract: In this talk, I will first introduce the Cyber-Defence Campus, including its main topics of interest and activities. I will then show with two application examples how machine learning can enable us to analyze and anticipate cybersecurity risks at scale. First, we will see how supervised and unsupervised learning algorithms can help detect intrusions
Abstract: A multitude of wireless technologies are used by an aircraft during flight. From a conceptual perspective, all of them are insecure as security was never part of their design and the evolution of legacy systems in aviation did not keep up with the state of the art. Recent contributions from academic and hacking communities